Arbitrary File Extraction Vulnerability in aimhubio/aim by Aimhub
CVE-2024-6829

9.1CRITICAL

Key Information:

Vendor: Aimhubio
Status: Aimhubio/aim
Vendor: CVE Published:; 20 March 2025

Summary

A vulnerability in aimhubio/aim version 3.19.3 enables attackers to exploit the tarfile.extractall() function. By crafting a malicious tarfile, an attacker can manipulate repo.path and run_hash to bypass directory existence checks, allowing the extraction of files to unintended locations on the server. This could overwrite critical files and facilitate further attacks, such as injecting a new SSH key onto the target server, posing a significant security risk.

Affected Version(s)

aimhubio/aim <= unspecified

References

https://huntr.com/bounties/7c97065c-1b63-4982-82c1-8038be...

CVSS V3.0

Score:

9.1

Severity:

CRITICAL

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 20, 2025
Vulnerability Reserved
Jul 16, 2024